>Sounds like that book is very much out of date. It's a shame, Addison-Wesley
>contacted me a year or two ago about writing an OpenLDAP book and I didn't
>have time to pursue it. One of these days...
I'm in the process of writing one.
>The degree of polish in the tools and docs is somewhat immaterial in the end.
>You still need to be well-versed in X.500 and LDAP to make effective use of a
>directory, no matter who the software comes from. You still need expertise or
>support, but with OpenLDAP you don't need to pay ludicrous per-entry license
>fees. Bottom line - there are many businesses out there migrating to
>OpenLDAP, away from Sun/Netscape/iPlanet/Novell/whatever.
Yep, the biggest hurdle to using LDAP effectively is understand what it is, and
what it is not.
>I was thumbing through the pages of an LDAP book in the bookstore and came
>across a paragraph about OpenLDAP, which said:
>"...I personally know of people who have done significant testing and
>prototyping work using these products. However, I know of nobody who has yet
>trusted them to support his or her business applications. Bottom line: If you
>want to play with compiling and modifying your own LDAP server, this is a
>good place to start."
>This is discouraging, as I had planned to put OpenLDAP into production, after
>evaluating eDir and, to a lesser extent, the Sun product. Aside from GUI
>tools and docs (which I don't have a particularly dire need for), where is
>OpenLDAP lacking compared to eDir and Sun? Why shouldn't I put this into
>production?
We've been using OpenLDAP in production since 1.2.x. It powers authentication,
authorization, mail delivery, DNS, DHCP, address books, etc... Never had slapd
crash, not once.